If you think your business is being impacted by identity theft, we recommend that you act immediately by following our guidelines below, and then proceed to our ReportRecover and Reinforce sections for further assistance.

Some Immediate Action Steps to Take

  • Collect all relevant documentation related to the incident. You may need to provide this documentation when you file a report or seek legal counsel.
  • Pinpoint the accounts that were affected, who has access to those accounts and the last time they were accessed or a transaction took place.
  • Change and create new strong passwords for the affected accounts. Learn how from
  • Always enable two factor authentication (2FA) – which requires an additional code to log in.
  • If your business credit card or line of credit was stolen, immediately contact the appropriate financial institutions to put a freeze on your account(s).
  • If you receive a notice from the IRS that your business is involved in fraudulent tax return activity, the IRS will guide you through the investigation.
    • Be aware: the first form of contact from the IRS will always come through the mail.
  • If you notice that someone has used your business to submit a fraudulent tax return, notify the IRS at 1-800-829-4933.
  • Report the incident to your local law enforcement agency by calling the non-emergency number. Obtain a copy of the incident report for insurance purposes and store it with other relevant documentation related to the incident.


Click Here to Report Your Incident to the FBI IC3

Reporting cybercrime incidents to the FBI Internet Crime Complaint Center (IC3) via the link above is very important! The more national reporting data that is collected, the better the chance law enforcement has to catch the criminals and decrease online crime. Although the FBI does not resolve individual complaints directly, they will make your report available to local, state and other law enforcement partners. FAQs about IC3 reporting can be found here. Please read the FBI/IC3 privacy policy here. (If you believe that you’ve received a phishing email, please forward the email directly to


These resources have been gathered, selected and vetted to help simplify the process of recovering after a cybercrime incident has taken place. You may need to contact organizations outside Results will vary depending on your circumstances.


Once you have notified the appropriate organizations and you are on the road to recovery, it is time to reinforce your cybersecurity using these resources and tools.

Implement Preventative Measures

  • Verify what states you do business in through each State Registry Office and secure access to your business data with a username, strong password and two-step/factor verification, if available.
  • Regularly manage and monitor your Dun & Bradstreet business credit file for free. All changes to your Dun & Bradstreet business credit file are shared with the other credit reporting agencies.
  • Routinely manage and secure your business website by:
    • Running regular backups for your site,
    • Regularly scanning your website for malware and viruses,
    • Protecting your site with a web application firewall, and…
    • Securing your site with HTTPS. Learn more about HTTPS.
  • Check the financial security of your future and current business partners and request a signed agreement to protect your business data.
  • Learn how to understand and address cybersecurity risks with the CISA Cyber Essentials Toolkits.

Community Resources